postfix lehnt Annahme lokaler E-Mails ab - User unknown in local recipient table.

Anton Blau tony.blue.mailinglist at gmx.de
Di Mai 5 23:17:51 CEST 2020 

Hallo,

mein postfix nimmt E-Mails an, die er an dem Smarthost (mail.gmx.net als
smarthost) weiterleitet, er verweigert aber die Annahme von E-Mails, die
er an die bestehenden lokalen Postfächer zustellen soll mit dieser
Fehlermeldung:


550 5.1.1 <avmb1 at firstmail.locallan>: Recipient address rejected: User
unknown in local recipient table.
  Bitte überprüfen Sie die E-Mail-Adresse des Empfängers
"avmb1 at firstmail.locallan" und wiederholen Sie den Vorgang.


Postfix ist per lda an dovecot angebunden. In dovecot sind die
(virtuellen) user in /etc/dovecot/users angelegt. Nach meinem
Verständnis sollte postfix per lda die lokalen user bei dovecot abfragen
- oder? Das klappt wohl irgendwie nicht.

Woran liegt das?


Vielen Dank im Voraus!

Tony

P. S: Ich habe die Anfrage auch unter de.comm.software.mailserver
gestellt, aber erst hinterher gesehen, das es eine postfix-Mailingliste
gibt, wo ich denke, dass die Anfrage passender ist.

Postfix-Konfiguration: postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
inet_interfaces = all
inet_protocols = all
mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf
-m "${EXTENSION}"
mailbox_size_limit = 0
mydestination = firstmail.locallan localhost.locallan localhost *.locallan
mynetworks = 127.0.0.0/8, 192.168.0.0/24, 192.168.1.0/24,
192.168.3.0/24, 192.168.4.0/24, 192.168.10.0/24
myorigin = /etc/mailname
recipient_delimiter = +
relayhost = mail.gmx.net:587
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sender_dependent_relayhost_maps = hash:/etc/postfix/sender_dependent
smtp_connection_cache_on_demand = no
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
smtp_sasl_security_options = noanonymous
smtp_sender_dependent_authentication = yes
smtp_tls_security_level = encrypt
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_unauth_pipelining,
permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/dovecot/private/dovecot.pem
smtpd_tls_key_file = /etc/dovecot/private/dovecot.key
smtpd_tls_received_header = yes
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom



Dovecot-Konfiguration: doveconf -N
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 5.3.18-3-pve x86_64 Ubuntu 18.04.4 LTS zfs
auth_debug_passwords = yes
auth_mechanisms = plain
auth_verbose = yes
auth_verbose_passwords = yes
log_timestamp = "%b %d %H:%M:%S "
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
mail_location = maildir:/var/vmail/mail/%u:INDEX=/var/vmail/index/%u
mail_plugins = notify mail_log
mail_privileged_group = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart
extracttext
namespace inbox {
   inbox = yes
   location =
   mailbox Drafts {
     auto = subscribe
     special_use = \Drafts
   }
   mailbox Junk {
     auto = subscribe
     special_use = \Junk
   }
   mailbox Sent {
     auto = subscribe
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     auto = subscribe
     special_use = \Sent
   }
   mailbox Trash {
     auto = subscribe
     special_use = \Trash
   }
   prefix =
   separator = /
   subscriptions = yes
   type = private
}
passdb {
   driver = pam
   name =
}
passdb {
   args = scheme=CRYPT username_format=%u /etc/dovecot/users
   driver = passwd-file
   name =
}
plugin {
   sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = " imap sieve"
service auth {
   unix_listener /var/spool/postfix/private/dovecot-auth {
     group = postfix
     mode = 0660
     user = postfix
   }
}
ssl = yes
ssl_cert = </etc/dovecot/private/dovecot.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_key =  # hidden, use -P to show it
userdb {
   driver = passwd
   name =
}
userdb {
   args = username_format=%u /etc/dovecot/users
   driver = passwd-file
   name =
}
verbose_proctitle = yes
protocol lda {
   deliver_log_format = msgid=%m: %$
   mail_plugins = notify mail_log sieve
   postmaster_address = postmaster
   rejection_reason = Your message to <%t> was automatically rejected:%n%r
}





Hier die vollständige /var/log/syslog

May  5 22:38:15 firstmail dovecot: auth: Debug: auth client connected
(pid=1384)
May  5 22:38:15 firstmail dovecot: auth: Debug: client in:
AUTH#0111#011PLAIN#011service=imap#011secured#011session=3VmDoOyk1OPAqAEB#011lip=192.168.3.210#011rip=192.168.1.1#011lport=143#011rport=58324#011local_name=firstmail.locallan
May  5 22:38:15 firstmail dovecot: auth: Debug: client passdb out:
CONT#0111
May  5 22:38:15 firstmail dovecot: auth: Debug: client in:
CONT#0111#011AGRlYmlhbkBmaXJzdG1haWwuZHVjawBEaWVzZXMzNDVpbWFwcG9zdGZhY2g3NTZpc3RzaWNoZXIkJA==
(previous base64 data may contain sensitive data)
May  5 22:38:15 firstmail dovecot: auth-worker(1380): Debug:
pam(debian at firstmail.locallan,192.168.1.1,<3VmDoOyk1OPAqAEB>): lookup
service=dovecot
May  5 22:38:15 firstmail dovecot: auth-worker(1380): Debug:
pam(debian at firstmail.locallan,192.168.1.1,<3VmDoOyk1OPAqAEB>): #1/1
style=1 msg=Password:
May  5 22:38:17 firstmail dovecot: auth-worker(1380):
pam(debian at firstmail.locallan,192.168.1.1,<3VmDoOyk1OPAqAEB>):
pam_authenticate() failed: Authentication failure (password mismatch?)
(given password: Dieses345imappostfach756istsicher$$)
May  5 22:38:17 firstmail dovecot: auth: Debug:
passwd-file(debian at firstmail.locallan,192.168.1.1,<3VmDoOyk1OPAqAEB>):
lookup: user=debian at firstmail.locallan file=/etc/dovecot/users
May  5 22:38:17 firstmail dovecot: auth: Debug: client passdb out:
OK#0111#011user=debian at firstmail.locallan
May  5 22:38:17 firstmail dovecot: auth: Debug: master in:
REQUEST#011470155265#0111384#0111#011463b6741c67e08393442232faf442c18#011session_pid=1385#011request_auth_token
May  5 22:38:17 firstmail dovecot: auth-worker(1380): Debug:
passwd(debian at firstmail.locallan,192.168.1.1,<3VmDoOyk1OPAqAEB>): lookup
May  5 22:38:17 firstmail dovecot: auth-worker(1380):
passwd(debian at firstmail.locallan,192.168.1.1,<3VmDoOyk1OPAqAEB>):
unknown user  - trying the next userdb
May  5 22:38:17 firstmail dovecot: auth: Debug:
passwd-file(debian at firstmail.locallan,192.168.1.1,<3VmDoOyk1OPAqAEB>):
lookup: user=debian at firstmail.locallan file=/etc/dovecot/users
May  5 22:38:17 firstmail dovecot: auth: Debug: master userdb out:
USER#011470155265#011debian at firstmail.locallan#011uid=5003#011gid=5000#011home=/var/vmail/mail/firstmail.locallan/debian#011auth_token=f98fb0f11addb9c290eb765d735947ddcbb90505

May  5 22:38:17 firstmail dovecot: imap-login: Login:
user=<debian at firstmail.locallan>, method=PLAIN, rip=192.168.1.1,
lip=192.168.3.210, mpid=1385, TLS
May  5 22:38:39 firstmail postfix/smtpd[1386]: connect from
unknown[192.168.1.1]
May  5 22:38:39 firstmail dovecot: auth: Debug: auth client connected
(pid=0)
May  5 22:38:40 firstmail dovecot: auth: Debug: client in:
AUTH#0111#011PLAIN#011service=smtp#011nologin#011lip=192.168.3.210#011rip=192.168.1.1#011secured#011resp=AGRlYmlhbkBmaXJzdG1haWwuZHVjawBEaWVzZXMzNDVpbWFwcG9zdGZhY2g3NTZpc3RzaWNoZXIkJA==
(previous base64 data may contain sensitive data)
May  5 22:38:40 firstmail dovecot: auth-worker(1380): Debug:
pam(debian at firstmail.locallan,192.168.1.1): lookup service=dovecot
May  5 22:38:40 firstmail dovecot: auth-worker(1380): Debug:
pam(debian at firstmail.locallan,192.168.1.1): #1/1 style=1 msg=Password:
May  5 22:38:42 firstmail dovecot: auth-worker(1380):
pam(debian at firstmail.locallan,192.168.1.1): pam_authenticate() failed:
Authentication failure (password mismatch?) (given password:
Dieses345imappostfach756istsicher$$)
May  5 22:38:42 firstmail dovecot: auth: Debug:
passwd-file(debian at firstmail.locallan,192.168.1.1): lookup:
user=debian at firstmail.locallan file=/etc/dovecot/users
May  5 22:38:42 firstmail dovecot: auth: Debug: client passdb out:
OK#0111#011user=debian at firstmail.locallan
May  5 22:38:42 firstmail postfix/smtpd[1386]: NOQUEUE: reject: RCPT
from unknown[192.168.1.1]: 550 5.1.1 <debian at firstmail.locallan>:
Recipient address rejected: User unknown in local recipient table;
from=<test.tester.debian at gmx.de> to=<debian at firstmail.locallan>
proto=ESMTP helo=<[192.168.1.1]>
May  5 22:39:12 firstmail postfix/smtpd[1386]: disconnect from
unknown[192.168.1.1] ehlo=2 starttls=1 auth=1 mail=1 rcpt=0/1 quit=1
commands=6/7

Mehr Informationen über die Mailingliste postfix-users